Salesforce has been added to the Certified Cloud Services List (CCSL) maintained by the Australian Signals Directorate (ASD).
The company’s software as a service and platform as a service offerings have been certified for use with Unclassified DLM information (information that is not classified but may be sensitive and is not intended for public release).
Salesforce is the sixth company to join the list, a process that involves assessment of a cloud service under the ASD’s Information Security Registered Assessors Program (IRAP). The list allows government agencies to more easily adopt a cloud service without having to undertake the same level of scrutiny of its security that they would otherwise.
“Nothing is more important to Salesforce than the security and privacy of our customers' data. We are delighted to have this now recognised through the IRAP certification,” Dan Bognar, senior vice-president, Salesforce APAC, told Computerworld Australia.
“This is an important milestone as we continue our
momentum within the public sector, and as agencies leverage the
Salesforce cloud to transform and digitise their citizen and stakeholder
Currently services on the list are only certified for use with unclassified information but most of the cloud providers currently on the CCSL are known to be seeking a higher level of certification.
The Department of Defence confirmed to Computerworld Australia earlier this week that it expects services certified to be used with information classified at the PROTECTED level to be added to the list before the end of 2016.
(The Australian government’s four levels of classified information are PROTECTED, CONFIDENTIAL, SECRET and TOP SECRET.)